The Geek Chorus welcomes Alan Reiter, President of Wireless Internet & Mobile Computing as he echos our warnings, in his well-written piece 'Open Season on Bugging Cellphones'...
"Silently, but with increasing frequency, government agencies and private individuals around the world are bugging cellular phones. Some of those phones are surreptitiously transmitting copies of their SMS, emails, call histories, and locations to Websites where the data may be viewed by those who have installed the clandestine software.
Most cellular subscribers don't have to worry about this happening to them, at least not yet. But anyone -- suspected criminals, spies, corporate executives, spouses, and even ex-lovers -- could be targeted. Thanks to software you can purchase over the Web, you don't have to be a secret agent to listen to cellular conversations or retrieve data transmissions.
Recently, a Swedish man was found guilty of hiding a cellular phone behind the headboard of his ex-girlfriend’s bed and remotely turning on the phone to listen to conversations..." (more)
Monday, June 23, 2008
Spy News of the Week
Sweden - "Earlier this week the Swedish stasi-government decided -- against the peoples wishes -- to wiretap all internet and telephone traffic in order to protect Sweden against threats. As you all know, being a neutral country makes Sweden a target for all the terrorists of the world, apparently," blogs one of The Pirate Bay's admins, Peter Sunde. "Many people have asked me what we're planning to do -- and the answer is 'A lot!'. This week we're going to add SSL to The Pirate Bay. We're also going to help out making a website about easy encryption -- both for your hard drives and your net traffic." (more)Germany - German incumbent Deutsche Telekom is going to get yet another scolding. German public television channel ZDF reported the former operator turned self-spying agency wire tapped a few customers. Apparently 120 calls were illegally tapped by the company, without any court order or involvement of the police. (more)
UK - Every council in England will today be instructed to stop using tough laws to spy on people over "trivial matters" such as dog-fouling and litter offences. (more)
New Zealand - A 21-year-old peeping tom has been caught spying on his female neighbour in Dunedin. The Otago University student was nabbed peering through a flat window just before 9pm yesterday. (more)
India - This year the Delhi University saw many of the "spy students" hired by private detective agencies being roped in by parents to keep an eye on their wards. However... a growing number of students are visiting detective agencies and are offering handsome amounts to them to know whether their parents have hired any "spy students", mainly girls, to keep a watch on their activities. (more)
United States - Xiaodong Sheldon Meng, 44, who was raised in China and holds Canadian citizenship, was sentenced on the rare charge of committing economic espionage against the U.S. It's the most serious crime under the Economic Espionage Act of 1996 and involves stealing trade secrets to benefit a foreign government. (more)
South Africa - The bugging devices of the former dispensation, which were used in foreign embassies in South Africa and had been planted by an espionage front company, are still being used. (more)
Switzerland - A left-wing campaign group asked Swiss authorities on Friday to investigate Swiss food and drinks giant Nestle SA for allegedly hiring a spy to infiltrate the group. A Swiss chapter of anti-globalization group Attac filed the legal complaint in Vaud canton (state), after learning that an employee of Securitas AG security company took part in its private meetings between late 2003 and June 2004... (more)
United States - US information security company Cyber-Ark surveyed 300 senior IT professionals, and found that one-third admitted to secretly snooping, while 47 per cent said they had accessed information that was not relevant to their role. (more)
Bulgaria - A man applied for a job as an industrial spy. Together with several other applicants, he was given a sealed envelope and told to take it to the fourth floor. As soon as the man was alone, he stepped into an empty hallway and opened the envelope. Inside, a message read: "You're our kind of person. Report to the fifth floor Personnel Office." (source)
SpyCam Story #451 - Cheap Thrill
A 52-year-old Long Island man has been arrested on charges of videotaping women's private body parts as they shopped at a dollar store. Nassau County police say the man followed unsuspecting women around the store in Baldwin and placed a camcorder under their clothing. (more)
Perhaps he was also shopping for DSPM parts?
Perhaps he was also shopping for DSPM parts?
Sunday, June 22, 2008
Corporate Espionage Detailed in Documents
It is rare to see hard evidence of corporate espionage.Well-executed corporate espionage goes undetected.
This is unusual...
In the 1990s, a Maryland-based private detective agency composed of former CIA agents and law enforcement officers spied...
The agency, Beckett Brown International, had an operative at meetings of a group in Rockville that accused a nursing home of substandard care. In Louisiana, it kept tabs on environmental activists after a chemical spill. In Washington, it spied on food safety activists who had found taco shells made with genetically modified corn not approved for human consumption.
BBI, which was founded in 1995, disbanded in 2000, and the activists might never have learned they were spied on. But a disgruntled BBI investor began digging through company records two years ago and has been contacting the former targets. He also gave The Washington Post access to the records, which provide an unusually detailed look into the secretive world of corporate spying.
Not all of BBI's work targeted activists: Lysol wanted details of a New Jersey high school student's science fair project about cleaning products. Mary Kay executives sought a secret "psychological assessment" of a fellow executive. A consultant working for Nestlé wanted information about rivals Mars and Whetstone Candy...
An undercover operative not identified in the documents was named to the governing board of CLEAN. "I will be in the 'inner circle' and included in all the planning meetings," he wrote in an e-mail.
The operative reported on meetings held at the law office after business hours and on private conversations about lawsuits, one of which took place in a parking lot because of concern that meeting rooms were bugged. (more)
Now you know why eavesdropping and espionage detection is part of every good corporate security program.
Saturday, June 21, 2008
Electronic Surveillance Law Updates
U.S. - The House yesterday easily approved a compromise bill setting new electronic surveillance rules that effectively shield telecommunications companies from lawsuits arising from the government's terrorism-era warrantless eavesdropping on phone and computer lines in this country.The bill, which was passed on a 293-129 vote, does more than just protect the telecoms. The update to the 30-year-old Foreign Intelligence Surveillance Act is an attempt to balance privacy rights with the government's responsibility to protect the country against attack, taking into account changes in telecommunications technologies.
The House's passage of the FISA Amendment bill marks the beginning of the end to a months long standoff between Democrats and Republicans about the rules for government wiretapping inside the United States. The Senate was expected to pass the bill with a large margin, perhaps as soon as next week, before Congress takes a break during the week of the Fourth of July. (more)
Sweden - Sweden's parliament has approved controversial new laws allowing authorities to spy on cross-border e-mail and telephone traffic. The country's intelligence bureau will be able to scan international calls, faxes and e-mails. ...The bill will become law in January. (more)
How Legal Wiretapping Works in the U.S.
The days of sitting in a basement, monitoring a line, using your Audiotechnics pocket 'buttset' with alligator clips is over. G-people now sit at computers in their air-conditioned offices. The process was simply explained, by arlene, in this post..."CALEA requires that communications providers allow law enforcement officials to be able to listen in on phone conversations and get information about those phone calls, but only when the law enforcement agency has gotten approval for the tap.
The law enforcement agency goes before a judge and presents reasons a wiretap is needed. If the judge approves, a legal document or order is delivered to the communications provider.
A specially authorized person at the communications provider logs in to a system specifically set up for CALEA-approved wiretaps. A number of systems are sold by various manufacturers, but all of them tap into the routers and switches that make up telecommunications networks.
All calls on the communications network are routed digitally over switches and routers. The system used for taps connects to a central point in the network, over which all communications travel.
The tapping system captures two primary pieces of information about the call—the actual voice transmission itself (often referred to as call content information [CCC]) and data associated with each call, such as the phone numbers at both ends of the call (often referred to as call associated data [CDC]).
The CCC and the CDC information are sent over special secure routers to the law enforcement agency.
The Federal Communications Commission has ruled that PC-to-PC calls, when a call is made directly from one computer to another over the Internet using Voice over Internet Protocol (VoIP) software such as Skype, is subject to CALEA. But as of this writing, no technical way has been devised to tap in to those calls." (source)
Friday, June 20, 2008
'Get Smart' Reviews, Smart
"GET SMART" is a film mistaken about its own identity. As a reworking of one of the great 1960s TV comedies, you'd think being funny would be its main goal. But you would be wrong. Very, very wrong. Like its protagonist, in-over-his-head secret agent Maxwell Smart, "Get Smart" yearns to be something it's not.
Unaccountably eager to walk in the footsteps of James Bond, "Get Smart" neglects the laughs and amps up the action, resulting in a not very funny comedy joined at the hip to a not very exciting spy movie. Talk about killing two birds with one stone. (more)However, in the back of the DVD bin...
Peter Segal’s top five 'Get Smart' episodes
Would you believe we asked Peter Segal, the director of the spy comedy "Get Smart," starring Steve Carell as Agent 86 Maxwell Smart and Anne Hathaway as Agent 99, to name his top 50 episodes of the classic TV series on which the film is based?
Would you believe we asked him his top 25?
How about his top 10?
All right, we settled for his top five.
(more)Get Smart - The Complete Original TV Series
'Bug'ged Car Phone? With Voice Male?
The Phone Car is a modified by a 1975 Volkswagen Beetle. Created by Howard Davis as a way to promote his telephone biz, Datel Communications. Check out the video of this phone car on the road. The horn, of course, rings. (more)More Art Cars...
Thursday, June 19, 2008
TALAN Telephone and Line Analyzer Wins 2008 Canadian Technical Security Conference Award
It is always heartwarming to see our eavesdropping and wiretap detection instrumentation winning international awards..."The TALAN Telephone and Line Analyzer (manufactured by REI) has been awarded the 2008 Canadian Technical Security Conference (CTSC) Award for significant industry contribution, research and engineering design.
Telephone technology has advanced over the past several years, and so have the methods and possibilities for surveillance devices on telephone lines, making traditional eavesdropping tap detection methods outdated and ineffective. Additionally, multiple pieces of test equipment were required to conducted time consuming tests that provided limited results. The TALAN is a breakthrough in telephone and line testing, combining multiple tests into a single piece of equipment as well as introducing NEW technology providing effective tap detection tests for both digital and analog telephone lines.
The Canadian Technical Security Conference (CTSC) is an annual conference composed of Technical Security Specialists and members of the Canadian Technical Security Professional Association (CTSPA). Delegates and speakers of the conference include technical security professionals representing private companies, law enforcement, military and government organizations from Canada and around the world..." (more)
Other award winning instrumentation
Murray Associates brings to their client's defense...
Wednesday, June 18, 2008
Botnet Vet Beset by FBI Dragnet - followed by... Cold Sweat, Upset & Regret
In the first prosecution of its kind in the nation, a man who is well known to members of the “botnet underground” pleaded guilty today to federal charges related to his use of “botnets” – armies of compromised computers – to steal the identities of victims throughout the country by extracting information from their personal computers and wiretapping their communications.
John Schiefer, 26, of Los Angeles (90011), appeared today before United States District Judge A. Howard Matz and pleaded guilty to accessing protected computers to conduct fraud, disclosing illegally intercepted electronic communications, wire fraud and bank fraud...
Schiefer’s “spybot” malware allowed him to intercept communications sent between victims’ computers and financial institutions, such as PayPal. Schiefer sifted through those intercepted communications and mined usernames and passwords to accounts. Using the stolen usernames and passwords, Schiefer made purchases and transferred funds without the consent of the victims. Schiefer also gave the stolen usernames and passwords, as well as the wiretapped communications, to others. (more)
John Schiefer, 26, of Los Angeles (90011), appeared today before United States District Judge A. Howard Matz and pleaded guilty to accessing protected computers to conduct fraud, disclosing illegally intercepted electronic communications, wire fraud and bank fraud...
Schiefer’s “spybot” malware allowed him to intercept communications sent between victims’ computers and financial institutions, such as PayPal. Schiefer sifted through those intercepted communications and mined usernames and passwords to accounts. Using the stolen usernames and passwords, Schiefer made purchases and transferred funds without the consent of the victims. Schiefer also gave the stolen usernames and passwords, as well as the wiretapped communications, to others. (more)
Almost everything you wanted to know about WIRETAPPING
"DIY Wiretapping:The Ultimate Guide
(And How to Fight Back)"
via ITsecurity.com
Even if you aren't involved in a criminal case or illegal operation, it's incredibly easy to set up a wiretap or surveillance system on any type of phone. Don't be surprised to learn that virtually anyone could be spying on you for any reason.
How to Wiretap
Did you think wiretapping was just for the FBI and mobsters? It's actually so easy that we can show you how to install and manage different wiretapping systems yourself...
(11 "tips" revealed)
Fighting Back
Defend yourself against wiretappers and spies by following these tips. You'll be able to determine if someone is eavesdropping on your home phone, cell phone or VoIP calls.
(13 "tips" revealed... including this one.)
• Check for any suspicious wires running from your phone: Spybusters LLC, a company that performs eavesdropping-detection audits, explains on its Web site the different types of wires your phone should have and which ones indicate wiretapping.
(more)
Extra Credit...
Listen Up: 17 Signs That You Are Being Wiretapped
Is someone listening to your private calls? Know the warning signs.
Sunday, June 15, 2008
The #1 Reason to Ditch Your Stripcut Shredder
"Unshredding" shredded documents is nothing new. Our client family has been hearing this warning from me for over 30 years now.
Reconstruction can be accomplished by hand; most notably, when the Iranians took over the American Embassy in Tehran around 1980 (example).
Once a back-room government parlor trick, computer automated document reconstruction is now available to the general public!
Recommendations...
Ditch every stripcut (and partial stripcut) shredder in your company. They do not provide adequate business-level information security. Use crosscut, particle-cut or pulping shredders. Alert your Purchasing Department... "No more crummy stripcut shredders!"
Resources...
• "How to Choose A Shredder" - Dahle
(Hint: Crosscut not Stripcut. Always.)
• Lynde-Ordway
• ABCO Office Solutions
• Advantage Business Equipment
• Allegheny Paper Shredders
• Ameri-Shred
• Capital Shredder Corp
• Cummins Allison Corporation
• Dahle USA
• ECCO Business Systems
• Fellowes Manufacturing Company
• GBC Shredmaster Factory Direct
• Ideal
• Industrial Paper Shredders, Inc.
• Intimus Paper Shredders
• MBM Corporation (Destroyit)
• Security Engineered Machinery
• Somat Corporation (pulping shredders)
• Whitaker Brothers
• General search (Yahoo)
Bulk wastepaper destruction companies serving your area…
• The National Association for Information Destruction, Inc.
(Search "Certified Members")
Reconstruction can be accomplished by hand; most notably, when the Iranians took over the American Embassy in Tehran around 1980 (example).
Once a back-room government parlor trick, computer automated document reconstruction is now available to the general public!
Recommendations...
Ditch every stripcut (and partial stripcut) shredder in your company. They do not provide adequate business-level information security. Use crosscut, particle-cut or pulping shredders. Alert your Purchasing Department... "No more crummy stripcut shredders!"
Resources...
• "How to Choose A Shredder" - Dahle
(Hint: Crosscut not Stripcut. Always.)
• Lynde-Ordway
• ABCO Office Solutions
• Advantage Business Equipment
• Allegheny Paper Shredders
• Ameri-Shred
• Capital Shredder Corp
• Cummins Allison Corporation
• Dahle USA
• ECCO Business Systems
• Fellowes Manufacturing Company
• GBC Shredmaster Factory Direct
• Ideal
• Industrial Paper Shredders, Inc.
• Intimus Paper Shredders
• MBM Corporation (Destroyit)
• Security Engineered Machinery
• Somat Corporation (pulping shredders)
• Whitaker Brothers
• General search (Yahoo)
Bulk wastepaper destruction companies serving your area…
• The National Association for Information Destruction, Inc.
(Search "Certified Members")
Saturday, June 14, 2008
SpyCam Story #450 - We told you 'Bugs Stink'
NY - A Long Island doctor is accused of installing a hidden camera in the bathroom of his medical office.
Nassau County police say 54-year-old Vincent Pacienza was arrested Friday and charged with unlawful surveillance.
The doctor's staff discovered the camera, which had been concealed inside an air purifier.
Police believe the camera was placed in the restroom of the Manhasset medical office within the last two weeks. (more)
The kicker...
The purifier, listed for $699, features a "built-in color camera and carrier current video transmitter is completely undetectable," according to the Web site.
The doctor's office staff discovered the device after receiving a bill from thespystore.com, said Det. Lt. Kevin Smith.
The staff looked at the Web site and recognized the air purifier listed there as similar to the one recently installed in the 8-by-8 office restroom, Smith said.
Nassau County police say 54-year-old Vincent Pacienza was arrested Friday and charged with unlawful surveillance.
The doctor's staff discovered the camera, which had been concealed inside an air purifier.
Police believe the camera was placed in the restroom of the Manhasset medical office within the last two weeks. (more)
The kicker...
The purifier, listed for $699, features a "built-in color camera and carrier current video transmitter is completely undetectable," according to the Web site.
The doctor's office staff discovered the device after receiving a bill from thespystore.com, said Det. Lt. Kevin Smith.
The staff looked at the Web site and recognized the air purifier listed there as similar to the one recently installed in the 8-by-8 office restroom, Smith said.
The Low-Tech Spy #187 - Mirror mirror on the stall
UK - A peeper used a mirror to spy on swimmers undressing in the cubicles of a Teesside pool, a court heard.
Paul Stoddart was spared a prison sentence as Teesside Crown Court ruled yesterday his crime was a “singular aberration”. The 46-year-old voyeur was seen holding a small mirror under the partitions of cubicles at Stockton’s Splash centre. He was caught as a mum saw two hands holding a mirror tilted upwards under the wall of her cubicle as she crouched to take off her jeans.
She was at Splash with her husband and their two-year-old daughter on November 29 last year. The woman saw Stoddart emerge from the adjoining cubicle.
Her husband went looking for Stoddart, saw him holding the mirror under other changing rooms and alerted pool staff. (more)
Paul Stoddart was spared a prison sentence as Teesside Crown Court ruled yesterday his crime was a “singular aberration”. The 46-year-old voyeur was seen holding a small mirror under the partitions of cubicles at Stockton’s Splash centre. He was caught as a mum saw two hands holding a mirror tilted upwards under the wall of her cubicle as she crouched to take off her jeans.
She was at Splash with her husband and their two-year-old daughter on November 29 last year. The woman saw Stoddart emerge from the adjoining cubicle.
Her husband went looking for Stoddart, saw him holding the mirror under other changing rooms and alerted pool staff. (more)
Subscribe to:
Posts (Atom)